From alerts@us-cert.gov Wed Apr 14 05:03:11 2004
From: US-CERT Alerts <alerts@us-cert.gov>
To: alerts@us-cert.gov
Date: Tue, 13 Apr 2004 22:21:26 -0400
Subject: US-CERT Cyber Security Alert SA04-104A -- Summary of Windows
    Security Updates for April 2004 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Summary of Windows Security Updates for April 2004

   Original release date: April 13, 2004
   Last revised: --
   Source: US-CERT

Systems Affected

     Systems running Microsoft Windows

Overview

     There are multiple vulnerabilities in Microsoft Windows that could
     allow attackers to take control of your computer.

Description

     Microsoft has released Windows Security Updates for April 2004,
     which addresses multiple vulnerabilities in the Microsoft Windows
     operating system. Three of the four updates are considered
     critical, so users should apply the updates as soon as possible.

     A technical description of these vulnerabilities is available from
     US-CERT in TA04-104A and from Microsoft in MS04-011, MS04-012,
     MS04-013, and MS04-014.

Resolution

  Apply a patch

     Follow the procedures outlined in Microsoft's Windows Security
     Updates for April 2004.

     <https://www.microsoft.com/security/security_bulletins/200404_windo
       ws.asp>

References

     * US-CERT Technical Alert TA04-104A: Multiple Vulnerabilities in
       Microsoft Products -
       <http://www.us-cert.gov/cas/techalerts/TA04-104A.html>

     * Windows      Security     Updates     for     April     2004     -
       <http://www.microsoft.com/security/security_bulletins/200404_windo
       ws.asp>

     * Microsoft   Security  Bulletin  MS04-011  -  Security  Update  for
       Microsoft Windows (835732) -
       <http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx>

     * Microsoft  Security  Bulletin  MS04-012  -  Cumulative  Update for
       Microsoft RPC/DCOM (828741) -
       <http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx>

     * Microsoft  Security Bulletin MS04-013 - Cumulative Security Update
       for Outlook Express (837009) -
       <http://www.microsoft.com/technet/security/bulletin/MS04-013.mspx>

     * Microsoft  Security  Bulletin  MS04-014  -  Vulnerability  in  the
       Microsoft  Jet Database Engine Could Allow Code Execution (837001)
       -
       <http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx>

     * Microsoft  Security  Response  Center  Security  Bulletin Severity
       Rating System (Revised, November 2002) -
       <http://www.microsoft.com/technet/security/bulletin/rating.mspx>

     _________________________________________________________________

   Feedback about this alert should be sent to the author, Mindi
   McDowell, at "US-CERT Security Alerts" at <mailto:cert@cert.org>.
   Please include the Subject line "SA04-104A Feedback VU#667571".
     _________________________________________________________________

   Copyright 2004 Carnegie Mellon University.

   Terms of use: <http://www.us-cert.gov/legal.html>

   Revision History

   April 13, 2004: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAfJyPXlvNRxAkFWARAlQEAKDWjSDScj+mhRVyCDP8b+c6Vpkj8gCfRtoW
kVHBZqzqaAygLTOp7P11Gzs=
=UYjr
-----END PGP SIGNATURE-----